Michael Schiemer
24cbbccf4c
- Update Ansible playbooks and roles for application deployment - Add new Gitea/Traefik troubleshooting playbooks - Update Docker Compose configurations (base, local, staging, production) - Enhance EncryptedEnvLoader with improved error handling - Add deployment scripts (autossh setup, migration, secret testing) - Update CI/CD workflows and documentation - Add Semaphore stack configuration
30 lines
814 B
Django/Jinja
30 lines
814 B
Django/Jinja
# WireGuard Client Configuration for {{ client_name }}
|
|
# Generated by Ansible - DO NOT EDIT MANUALLY
|
|
|
|
[Interface]
|
|
# Client private key
|
|
PrivateKey = {{ client_private_key.stdout }}
|
|
|
|
# Client IP address in VPN network
|
|
Address = {{ client_ip }}/24
|
|
|
|
{% if wireguard_dns_servers | length > 0 %}
|
|
# DNS servers provided via Ansible (optional)
|
|
DNS = {{ wireguard_dns_servers | join(', ') }}
|
|
{% endif %}
|
|
|
|
[Peer]
|
|
# Server public key
|
|
PublicKey = {{ server_public_key_cmd.stdout }}
|
|
|
|
# Server endpoint
|
|
Endpoint = {{ server_external_ip_content }}:{{ wireguard_port }}
|
|
|
|
# Allowed IPs (routes through VPN)
|
|
# IMPORTANT: Only VPN network is routed through VPN by default
|
|
# SSH access via normal IP ({{ server_external_ip_content }}) remains available
|
|
AllowedIPs = {{ allowed_ips }}
|
|
|
|
# Keep connection alive
|
|
PersistentKeepalive = 25
|